Conversation

@shinchann221
Contributor

No description provided.

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

@certora-run certora-run bot left a comment

Verification Results

  • Group ID: 1c854897-c7c7-4558-8ae4-fb6925dc59aa
Job Result VERIFIED Link
EtherFiSafe.conf 14 Link
CashModuleCore.conf --rule "p03" 2 Link

@certora-run certora-run bot left a comment

Verification Results

  • Group ID: 89673d9d-43f9-45cb-a3a7-8df45a134557
Job Result VERIFIED Link
EtherFiSafe.conf 14 Link
CashModuleCore.conf --rule "p03" 2 Link

@certora-run certora-run bot left a comment

Verification Results

  • Group ID: 152f5db5-2410-4eb8-a7ed-8eb6fc71107c
Job Result VERIFIED Link
EtherFiSafe.conf 14 Link
CashModuleCore.conf --rule "p03" 2 Link

@certora-run certora-run bot left a comment

Verification Results

  • Group ID: d26b8327-7508-4f4c-bcdf-5fa2f0a8c051
Job Result VERIFIED Link
EtherFiSafe.conf 14 Link
CashModuleCore.conf --rule "p03" 2 Link

@certora-run certora-run bot left a comment

Verification Results

  • Group ID: 8537ae10-fbba-4edb-9ef6-3a374a7f23f7
Job Result VERIFIED Link
EtherFiSafe.conf 14 Link
CashModuleCore.conf --rule "p03" 2 Link

@certora-run certora-run bot left a comment

Verification Results

  • Group ID: 87f3badb-36f8-4be1-954b-026a69095d4b
Job Result VERIFIED Link
EtherFiSafe.conf 14 Link
CashModuleCore.conf --rule "p03" 2 Link

@certora-run certora-run bot left a comment

Verification Results

  • Group ID: 5c715de3-ec7b-4272-8f5a-1200fb9277ae
Job Result VERIFIED Link
EtherFiSafe.conf 0 Link
CashModuleCore.conf --rule "p03" 2 Link

@certora-run certora-run bot left a comment

Verification Results

  • Group ID: e4d5d80a-1afa-48f1-8503-e41939a7e9c9
Job Result VERIFIED Link
EtherFiSafe.conf 14 Link
CashModuleCore.conf --rule "p03" 2 Link

@certora-run certora-run bot left a comment

Verification Results

  • Group ID: c71a3e0e-cebf-4625-be9a-387dc65eac8f
Job Result VERIFIED Link
EtherFiSafe.conf 14 Link
CashModuleCore.conf --rule "p03" 2 Link

@shinchann221
Contributor Author

shinchann221 commented Jan 9, 2026

FraxModule Improvements and Changes

Overview

This document outlines the security fixes, improvements, and new features implemented in the FraxModule contract to address critical issues and align with system requirements.


1. H-01 Missing Withdrawal Cancellation Mechanism Leading to DoS

Recommendation

Make sure to implement the cancellation flow similarly to how it has been done in EtherFiLiquidModule - this includes both a cancellation hook and a manual cancellation function.

Files Changed

  • src/modules/frax/FraxModule.sol

Changes Made

  • ✅ Implemented IBridgeModule interface
  • ✅ Added cancelBridgeByCashModule(address safe) function for CashModule to cancel withdrawals
  • ✅ Added cancelAsyncWithdraw(address safe, address[] calldata signers, bytes[] calldata signatures) function for manual cancellation by safe owners
  • ✅ Added CANCEL_ASYNC_WITHDRAW_SIG constant for signature verification
  • ✅ Added _checkCancelAsyncWithdrawSignature helper function
  • ✅ Added AsyncWithdrawalCancelled event
  • ✅ Added Unauthorized and InvalidSignatures errors

2. M-01 Loss of value in Async Withdrawals due to Decimal Truncation

Recommendation

Validate in requestAsyncWithdraw (or _requestAsyncWithdraw) that the _withdrawAmount is a multiple of the dust threshold to ensure the full amount can be bridged.

Files Changed

  • src/modules/frax/FraxModule.sol

Changes Made

  • ✅ Added DUST_THRESHOLD constant set to 1e12
  • ✅ Added AmountContainsDust error
  • ✅ Added validation in _requestAsyncWithdraw to check _withdrawAmount % DUST_THRESHOLD != 0 and revert with AmountContainsDust if not a multiple

3. L-01 Incompatibility with Custodian Async Deposit Flow (DoS)

Recommendation

The module should either explicitly support the async flow (accepting fees and skipping the immediate balance check) or, if the intention is to only support synchronous deposits, it should validate the Custodian's state (available assets) before attempting the deposit to prevent gas wastage on doomed transactions.

We only want to keep the synchronous flow.

Files Changed

  • src/modules/frax/FraxModule.sol

Changes Made

  • ✅ Added InsufficientCustodianBalance error
  • ✅ Added validation in _deposit to check custodian's fraxusd balance before attempting deposit
  • ✅ Validates that ERC20(fraxusd).balanceOf(custodian) >= minReturnAmount to ensure synchronous deposit is possible
  • ✅ Prevents gas wastage on transactions that would fail due to insufficient custodian balance

4. I-01 Missing Asset Validation Against Custodian Configuration

Recommendation

Add a check in _deposit to ensure assetToDeposit == custodian.custodianTkn() and a similar check in _withdraw for outputAsset.

Resolution

We have acknowledged the issue.


5. Missing Input Validation

Description

The constructor did not validate that _custodian address is not zero, which could lead to deployment with invalid configuration.

Recommendation

Add zero address validation for custodian in constructor.

Files Changed

  • src/modules/frax/FraxModule.sol

Changes Made

  • ✅ Added _custodian == address(0) check in constructor validation

Summary of All Changes

New Constants

  • DUST_THRESHOLD = 1e12 - Dust threshold for LayerZero OFT decimal conversion
  • CANCEL_ASYNC_WITHDRAW_SIG - TypeHash for cancel async withdraw function signature

New Errors

  • AmountContainsDust() - Thrown when withdrawal amount contains dust
  • InsufficientCustodianBalance() - Thrown when custodian has insufficient balance for synchronous deposit
  • Unauthorized() - Thrown when caller lacks proper authorization
  • InvalidSignatures() - Thrown when signatures are invalid

New Events

  • AsyncWithdrawalCancelled(address indexed safe, uint256 amountToWithdraw, uint32 dstEid, address to) - Emitted when async withdrawal is cancelled

New Functions

  • cancelBridgeByCashModule(address safe) - Hook for CashModule to cancel withdrawals
  • cancelAsyncWithdraw(address safe, address[] calldata signers, bytes[] calldata signatures) - Manual cancellation by safe owners
  • _checkCancelAsyncWithdrawSignature(...) - Helper for signature verification

Interface Implementation

  • Contract now implements IBridgeModule interface

Validations Added

  • ✅ Dust threshold validation in _requestAsyncWithdraw
  • ✅ Custodian balance validation in _deposit
  • ✅ Constructor validation for custodian address

Impact

These changes ensure the module:

  • ✅ Properly handles cancellation flows to prevent DoS scenarios
  • ✅ Prevents dust locking in async withdrawals
  • ✅ Validates synchronous deposit requirements
  • ✅ Maintains consistency with other bridge modules in the system
  • ✅ Provides proper error handling and user feedback
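The dust-threshold change in item 2 is easiest to see against a model of how the bridge truncates amounts. This is an added Python example, not FraxModule or project code; it assumes the token is bridged through a LayerZero OFT with 18 local decimals and the OFT default of 6 shared decimals, which is where the 1e12 figure comes from, and it generalises the check to any local/shared decimal pair.

```python
from __future__ import annotations

# Added example: models the decimal truncation behind FraxModule's new
# DUST_THRESHOLD / AmountContainsDust check. Not the project's own code.
# Assumption: the token is bridged through a LayerZero OFT that keeps 18
# local decimals but only 6 shared decimals cross-chain, so every amount is
# floored to a multiple of 10**(18-6) = 1e12 wei before leaving the chain.

LOCAL_DECIMALS = 18
SHARED_DECIMALS = 6
DUST_THRESHOLD = 10 ** (LOCAL_DECIMALS - SHARED_DECIMALS)  # 1_000_000_000_000


class AmountContainsDust(Exception):
    """Mirrors the custom error added to _requestAsyncWithdraw."""


def remove_dust(amount_ld: int, local_decimals: int = LOCAL_DECIMALS,
                shared_decimals: int = SHARED_DECIMALS) -> int:
    """Floor a local-decimal amount the way an OFT does before bridging."""
    rate = 10 ** (local_decimals - shared_decimals)
    return (amount_ld // rate) * rate


def bridged_amounts(amount_ld: int) -> tuple[int, int]:
    """Return (amount that arrives on the destination, wei stranded as dust)."""
    received = remove_dust(amount_ld)
    return received, amount_ld - received


def validate_withdraw_amount(amount_ld: int, threshold: int = DUST_THRESHOLD) -> int:
    """The pre-check: reject any request the bridge would silently truncate."""
    if amount_ld % threshold != 0:
        raise AmountContainsDust(
            f"{amount_ld} is not a multiple of {threshold}; "
            f"{amount_ld % threshold} wei would be lost")
    return amount_ld


def safe_to_request(amount_ld: int) -> bool:
    """True iff the amount passes the check (what a front-end should test first)."""
    try:
        validate_withdraw_amount(amount_ld)
        return True
    except AmountContainsDust:
        return False


if __name__ == "__main__":
    # Constructed sample: 5 tokens plus 123 wei of dust.
    req = 5 * 10**18 + 123
    got, lost = bridged_amounts(req)
    print(f"without the check: {req} requested, {got} arrives, {lost} wei stranded")
    print(f"with the check:    {safe_to_request(req)=} {safe_to_request(5 * 10**18)=}")
```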

@certora-run certora-run bot left a comment

Verification Results

  • Group ID: 7ae8ea6c-f53a-45d6-b279-3cad90027222
Job Result VERIFIED Link
EtherFiSafe.conf 14 Link
CashModuleCore.conf --rule "p03" 2 Link
